This user is still using the SA login. This is a tremendous security risk.

The password, database name, and server are directly identified in the code. The M2VEvents.Prj file can be read by text editors, and this is a recipe for disaster. I know there are other ways for an intruder to obtain this in the M2M environment, but I still feel it’s important to lessen those risks in any way we can.

If you change your database login names or passwords, your VBA code will need to be changed as well.

I thought it would be a good idea to demonstrate the way I attach to the M2M Database, and I believe it is also the method currently used by the Technical Consultants at Made2Manage as well.

My current method involves creating a module in VB called “DefaultModule” and inside I place the following code:

Notice that none of the information is hard coded, it is all obtained from the M2M environment. Therefore, it’s harder for an unauthorized person to extract it, and if you change your database login and password, the change is automatically handled by your code. However, for some inexplicable reason, M2M can drop the information between screens. To remedy this I include the following in the INIT event of each screen using VBA:

Public Function INIT() As Boolean
If Trim(connstr) = "" Then
connstr = GetCs1()
End If
INIT = True
End Function

This code is cleaner, more secure, and just plain easier to understand. In the next post, I will share a small project that shows how to draw controls on M2M forms as well as manipulate the database directly.

The formatting is a little off due to the length limit on the site but you should get the idea. This method requires less code and is more effiecient because it does not use nearly as many variables. I think that it may also be a little easier to understand and read although finding errors with it might be harder. That however should not be an issue since the code is simply cut and paste and should rarely if ever have to be altered.